//package com.pengzy.core.cloud_security;
//
//import com.pengzy.core.UserDetailsServiceImpl;
//import lombok.extern.slf4j.Slf4j;
//import org.mybatis.spring.annotation.MapperScan;
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.http.HttpMethod;
//import org.springframework.security.authentication.DelegatingReactiveAuthenticationManager;
//import org.springframework.security.authentication.ReactiveAuthenticationManager;
//import org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager;
//import org.springframework.security.authorization.AuthorizationManager;
//import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
//import org.springframework.security.config.web.server.SecurityWebFiltersOrder;
//import org.springframework.security.config.web.server.ServerHttpSecurity;
//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.security.web.server.SecurityWebFilterChain;
//import org.springframework.security.web.server.context.NoOpServerSecurityContextRepository;
//import reactor.core.publisher.Mono;
//
//import javax.annotation.Resource;
//import java.util.LinkedList;
//
///**
// * @author xiaozhi 2023/7/17
// */
//
//@EnableWebFluxSecurity
//@Configuration
//@Slf4j
//@MapperScan(basePackages = {"com.pengzy.**.mapper","com.pengzy.**.**.mapper"})
//public class WebSecurityConfig {
//
//
//    @Resource
//    private AuthorizationManagers authorizationManagers;
//    @Autowired
//    SecurityUserDetailsService securityUserDetailsService;
//    @Autowired
//    AccessDeniedHandler accessDeniedHandler;
//    @Autowired
//    AuthenticationSuccessHandler authenticationSuccessHandler;
//    @Autowired
//    AuthenticationFaillHandler authenticationFaillHandler;
//    @Autowired
//    SecurityRepository securityRepository;
////    @Autowired
////    HeadersToFilter headersToFilter;
//    @Autowired
//    LogoutSuccessHandler logoutSuccessHandler;
//    @Autowired
//    LogoutHandler logoutHandler;
//    @Resource
//    AuthenticationEntryPoint authenticationEntryPoint;
//    @Resource
//    UserDetailsServiceImpl userDetailsService;
//
//
//    private final String[] path={
//            "/",
//            "/*.html",
//            "/favicon.ico",
//            "/*/*.html",
//            "/*/*.css",
//            "/*/*.js",
//            "/swagger-resources/*",
//            "/v2/api-docs/*",
//            "/core/login"
//    };
//
//
//    @Bean
//    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
//         http.authorizeExchange(exchange -> exchange // 请求拦截处理
//                        .pathMatchers(path).permitAll()
//                        .pathMatchers(HttpMethod.OPTIONS).permitAll()
//                        .anyExchange().access(authorizationManagers)//权限
//                //.and().authorizeExchange().pathMatchers("/user/normal/**").hasRole("ROLE_USER")
//                //.and().authorizeExchange().pathMatchers("/user/admin/**").hasRole("ROLE_ADMIN")
//                //也可以这样写 将匹配路径和角色权限写在一起
//        ).httpBasic()
//                //.authenticationSuccessHandler(authenticationSuccessHandler) //认证成功
//               // .authenticationFailureHandler(authenticationFaillHandler) //登陆验证失败
//                .and().exceptionHandling().authenticationEntryPoint(authenticationEntryPoint)
//                .accessDeniedHandler(accessDeniedHandler)//基于http的接口请求鉴权失败
//                .and().csrf().disable()//必须支持跨域
//                .logout().logoutUrl("/core/logout")
//                .logoutHandler(logoutHandler)
//                .logoutSuccessHandler(logoutSuccessHandler)
//                .and()
//                .addFilterAt(new HeadersToFilter(), SecurityWebFiltersOrder.HTTP_BASIC);
//        http.securityContextRepository(securityRepository);
//        http.authenticationManager(reactiveAuthenticationManager());
//        http.securityContextRepository(NoOpServerSecurityContextRepository.getInstance());//无状态 默认情况下使用的WebSession
//        return http.build();
//    }
//
//
//    @Bean
//    public ReactiveAuthenticationManager reactiveAuthenticationManager() {
//        LinkedList<ReactiveAuthenticationManager> managers = new LinkedList<>();
//        UserDetailsRepositoryReactiveAuthenticationManager userDetailsRepositoryReactiveAuthenticationManager =
//                new UserDetailsRepositoryReactiveAuthenticationManager(securityUserDetailsService);
//        userDetailsRepositoryReactiveAuthenticationManager.setPasswordEncoder(bcryptPasswordEncoder());
//        managers.add(userDetailsRepositoryReactiveAuthenticationManager);
//        return new DelegatingReactiveAuthenticationManager(managers);
//    }
//
//    /**
//     * BCrypt密码编码
//     * @return
//     */
//    @Bean
//    public BCryptPasswordEncoder bcryptPasswordEncoder() {
//        return new BCryptPasswordEncoder();
//    }
//
//
//
//}
